matlock.ca // THREAT INTELLIGENCE

116Articles

9Categories

2024-09-26Date

🚨

Ivanti vTM Flaw Added To Known Exploited Vulnerabilities Catalog

KEVPACKETSTORMSECURITY.COM — 26 Sep 2024

🐛

EPSS vs. CVSS: What’s the Best Approach to Vulnerability Prioritization?

THEHACKERNEWS.COM — 26 Sep 2024

🐛

Critical SQL Injection Vulnerability Discovered in ‘The Events Calendar’ WordPress Plugin

SECURITYONLINE.INFO — 26 Sep 2024

🐛

TeamViewer Urges Users to Patch Privilege Escalation Flaws

SECURITYONLINE.INFO — 26 Sep 2024

🐛

Update: GitLab Backports Fix for CVE-2024-45409 to Older Versions

SECURITYONLINE.INFO — 26 Sep 2024

🐛

Critical Vulnerability in pgAdmin Puts User Data at Risk

SECURITYONLINE.INFO — 26 Sep 2024

🐛

Critical Vulnerabilities Found in Proroute H685t-w 4G Router

SECURITYONLINE.INFO — 26 Sep 2024

🐛

Chromium: CVE-2024-9123 Integer overflow in Skia

MSRC.MICROSOFT.COM — 26 Sep 2024

🐛

Chromium: CVE-2024-9122 Type Confusion in V8

MSRC.MICROSOFT.COM — 26 Sep 2024

🐛

Chromium: CVE-2024-9121 Inappropriate implementation in V8

MSRC.MICROSOFT.COM — 26 Sep 2024

🐛

Chromium: CVE-2024-9120 Use after free in Dawn

MSRC.MICROSOFT.COM — 26 Sep 2024

⚠️

Zero trust, not no trust: A practical guide to implementing ZTNA

CSOONLINE.COM — 26 Sep 2024

⚠️

Flax Typhoon’s Botnet Actively Exploiting 66 Vulnerabilities In Various Devices

GBHACKERS.COM — 26 Sep 2024

⚠️

Beware the risks of vulnerable VPNs: update, maintain, monitor, and protect

CSOONLINE.COM — 26 Sep 2024

⚠️

Critical Arc Browser Vulnerability Let Attackers Execute Remote Code

GBHACKERS.COM — 26 Sep 2024

⚠️

Open Source C2 Frameworks Used In Red Teaming Assessments Vulnerable To RCE Attacks

GBHACKERS.COM — 26 Sep 2024

⚠️

Microsoft Warns Of Vanilla Tempest Hackers Attacking Healthcare Sector

GBHACKERS.COM — 26 Sep 2024

⚠️

Attackers impersonate freight companies in double brokering scams

CSOONLINE.COM — 26 Sep 2024

⚠️

TeamTNT Hackers Attacking VPS Servers Running CentOS

GBHACKERS.COM — 26 Sep 2024

⚠️

Researchers Backdoored Azure Automation Account Packages And Runtime Environments

GBHACKERS.COM — 26 Sep 2024

⚠️

New Mallox Ransomware Linux Variant Attacking Enterprise Linux Servers

GBHACKERS.COM — 26 Sep 2024

⚠️

Google Warns Of North Korean IT Workers Have Infiltrated The U.S. Workforce

GBHACKERS.COM — 26 Sep 2024

⚠️

RansomHub Ransomware Using Multiple Techniques To Disable EDR And Antivirus

GBHACKERS.COM — 26 Sep 2024

⚠️

Cloud Security Podcast by Google » EP191 Why Aren't More Defenders Winning? Defender’s Advantage and How to Gain it!

INFOSEC.PUB — 26 Sep 2024

⚠️

Fortifying the Weakest Link: How to Safeguard Against Supply Chain Cyberattacks

SECURITYWEEK.COM — 26 Sep 2024

⚠️

Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware

THEHACKERNEWS.COM — 26 Sep 2024

⚠️

Chinese hackers allegedly hacked US ISPs for cyber espionage

CSOONLINE.COM — 26 Sep 2024

⚠️

Automattic blocks WP Engine’s access to WordPress resources

BLEEPINGCOMPUTER.COM — 26 Sep 2024

⚠️

CISA Releases Five Industrial Control Systems Advisories

CISA.GOV — Thu, 26 Sep 24 1

⚠️

SAP SE revamps application security scanning using simulation and automation

CSOONLINE.COM — 26 Sep 2024

⚠️

Remote Code Execution, DoS Vulnerabilities Patched In OpenPLC

PACKETSTORMSECURITY.COM — 26 Sep 2024

⚠️

Remote Code Execution, DoS Vulnerabilities Patched in OpenPLC

SECURITYWEEK.COM — 26 Sep 2024

⚠️

Here are the top 3 causes of breaches – and how to mitigate them

CSOONLINE.COM — 26 Sep 2024

⚠️

Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates

THEHACKERNEWS.COM — 26 Sep 2024

⚠️

Cisco Releases Security Updates for IOS and IOS XE Software

CISA.GOV — Thu, 26 Sep 24 1

⚠️

Kaspersky defends force-replacing its security software without users’ explicit consent

TECHCRUNCH.COM — 26 Sep 2024

⚠️

Zero-Day Vulnerabilities in Automatic Tank Gauge Systems

DATABREACHTODAY.CO.UK — 2024-09-26

⚠️

Cryptohack Roundup: BingX, Truflation Exploits

DATABREACHTODAY.CO.UK — 2024-09-26

⚠️

AI in Cyber & Addressing Analyst Burnout - Kayla Williams - PSW #844

YOUTUBE.COM — 2024-09-26

⚠️

Memory-Safe Coding Cuts Android System Flaws by 75%

DATABREACHTODAY.CO.UK — 2024-09-26

⚠️

Threat Actors Leverage Docker Swarm and Kubernetes to Mine Cryptocurrency at Scale

SECURITYLABS.DATADOGHQ.COM — 26 Sep 2024

⚠️

Pure Storage Reveals CVSS 10 Vulnerabilities, Putting FlashArray, FlashBlade Systems at Risk

SECURITYONLINE.INFO — 26 Sep 2024

⚠️

Critical Flaw in RAISECOM Gateways Actively Exploited, Exposing Thousands to Remote Attacks

KEVSECURITYONLINE.INFO — 26 Sep 2024

⚠️

New Rust-based Splinter Post-Exploitation Tool Poses Major Risk

THEREGISTER.COM — 26 Sep 2024

⚠️

Proxmox Virtual Environment and Mail Gateway Exposed to Critical API Vulnerability

SECURITYONLINE.INFO — 26 Sep 2024

⚠️

Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk

THEHACKERNEWS.COM — 26 Sep 2024

⚠️

Patch for Critical CUPS vulnerability: Don't Panic, (Thu, Sep 26th)

ISC.SANS.EDU — 26 Sep 2024

⚠️

Security compliance unicorn Drata lays off 9% of its workforce

TECHCRUNCH.COM — 26 Sep 2024

⚠️

Visa Acquires AI Leader Featurespace for Payments Protection

DATABREACHTODAY.CO.UK — 2024-09-26

⚠️

CUPS flaws enable Linux remote code execution, but there’s a catch

BLEEPINGCOMPUTER.COM — 26 Sep 2024

📢

NIST proposes barring some of the most nonsensical password rules

SH.ITJUST.WORKS — 26 Sep 2024

📢

CISO Tradecraft podcast #199 - How to Secure Generative AI

INFOSEC.PUB — 26 Sep 2024

📢

Israeli Group Claims Lebanon Water Hack as CISA Reiterates Warning on Simple ICS Attacks

SECURITYWEEK.COM — 26 Sep 2024

📢

CISA warns hackers targeting industrial systems with “unsophisticated methods” as claims made of Lebanon water hack

TRIPWIRE.COM — 26 Sep 2024

📢

NIST Proposes Barring Some Of The Most Nonsensical Password Rules

PACKETSTORMSECURITY.COM — 26 Sep 2024

📢

State Lawmakers to Give Banks Tools to Fight Elder Fraud

DATABREACHTODAY.CO.UK — 2024-09-26

📢

Foxit security advisory (AV24-542)

CYBER.GC.CA — 2024-09-26

📢

GitLab security advisory (AV24-543)

CYBER.GC.CA — 2024-09-26

📢

Breach Roundup: How to Spot North Korean IT Workers

DATABREACHTODAY.CO.UK — 2024-09-26

📢

NIST Calls for Major Overhaul in Typical Password Practices

DATABREACHTODAY.CO.UK — 2024-09-26

🔥

Hackers Weaponizing PDF files To Deliver New SnipBot Malware

GBHACKERS.COM — 26 Sep 2024

🔥

TWELVE Threat Attacks Windows To Encrypt Then Deleting Victims’ Data

GBHACKERS.COM — 26 Sep 2024

🔥

Sophos: Attacks Drop in Nearly All Sectors But Healthcare

DATABREACHTODAY.CO.UK — 2024-09-26

🔥

Police Are Probing a Cyberattack on Wi-Fi Networks at UK Train Stations

SECURITYWEEK.COM — 26 Sep 2024

🔥

Ransomware on the rise: Healthcare industry attack trends 2024

SECURITYINTELLIGENCE.COM — 26 Sep 2024

🔥

India’s Star Health says it’s investigating after hacker posts stolen medical data

TECHCRUNCH.COM — 26 Sep 2024

🔥

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

KREBSONSECURITY.COM — 26 Sep 2024

🔥

Cyberattack Investigated At UK's Busiest Train Stations

PACKETSTORMSECURITY.COM — 26 Sep 2024

🔥

US sanctions crypto exchanges used by Russian ransomware gangs

BLEEPINGCOMPUTER.COM — 26 Sep 2024

🔥

'Vanilla Tempest' Now Using INC Ransomware in Health Sector

DATABREACHTODAY.CO.UK — 2024-09-26

🔥

Kryptina RaaS: From Unsellable Cast-Off to Enterprise Ransomware

SENTINELONE.COM — 26 Sep 2024

🔥

Data exfiltration using RAMBO & PIXHELL | Kaspersky official blog

KASPERSKY.COM — 26 Sep 2024

🔥

Unit 42 Incident Response Retainers Enhance Organizational Resilience

PALOALTONETWORKS.COM — 26 Sep 2024

🔥

New RomCom malware variant 'SnipBot' spotted in data theft attacks

BLEEPINGCOMPUTER.COM — 26 Sep 2024

🔥

Cybersecurity Compass: Bridging the Communication Gap

TRENDMICRO.COM — 26 Sep 2024

🔥

Storm-0501: Ransomware attacks expanding to hybrid cloud environments

MICROSOFT.COM — 26 Sep 2024

🕵️

OSINT - Image Analysis or More Where, When, and Metadata [Guest Diary], (Wed, Sep 25th)

ISC.SANS.EDU — 26 Sep 2024

🕵️

ISC Stormcast For Thursday, September 26th, 2024 https://isc.sans.edu/podcastdetail/9154, (Thu, Sep 26th)

ISC.SANS.EDU — 26 Sep 2024

🕵️

Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign

THEHACKERNEWS.COM — 26 Sep 2024

🕵️

Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities

THEHACKERNEWS.COM — 26 Sep 2024

🕵️

Beware Of Fake Captcha Attacks That Delivers Lumma Stealer Malware

GBHACKERS.COM — 26 Sep 2024

🕵️

Russian Hackers Registering Domains Targeting US Tech Brands

GBHACKERS.COM — 26 Sep 2024

🕵️

Beware Of Fake Verify You Are A Human Request That Delivers Malware

GBHACKERS.COM — 26 Sep 2024

🕵️

Octo2 Android Malware Attacking To Steal Banking Credentials

GBHACKERS.COM — 26 Sep 2024

🕵️

An Analysis of the EU’s Cyber Resilience Act

SCHNEIER.COM — 2024-09-26

🕵️

US Transportation and Logistics Firms Targeted With Infostealers, Backdoors

SECURITYWEEK.COM — 26 Sep 2024

🕵️

N. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks

THEHACKERNEWS.COM — 26 Sep 2024

🕵️

Cisco Patches High-Severity Vulnerabilities in IOS Software

SECURITYWEEK.COM — 26 Sep 2024

🕵️

Google Sees Drop in Memory Safety Bugs in Android as Code Matures

SECURITYWEEK.COM — 26 Sep 2024

🕵️

Cryptography DEEPEST LORE

GITHUB.COM — 26 Sep 2024

🕵️

OpenAI Exits, Appointments and New Corporate Model

DATABREACHTODAY.CO.UK — 2024-09-26

🕵️

Critical Nvidia Container Flaw Exposes Cloud AI Systems to Host Takeover

SECURITYWEEK.COM — 26 Sep 2024

🕵️

Unsophisticated Methods - PSW #844

YOUTUBE.COM — 2024-09-26

🕵️

Proof of Concept: Boosting Security and Taming AI 'Lies'

DATABREACHTODAY.CO.UK — 2024-09-26

🕵️

Parsec Remote Access installed without user knowing

SH.ITJUST.WORKS — 26 Sep 2024

🕵️

X Releases Its First Transparency Report Since Elon Musk’s Takeover

SECURITYWEEK.COM — 26 Sep 2024

🕵️

Cyberespionage the Gamaredon way: Analysis of toolset used to spy on Ukraine in 2022 and 2023

WELIVESECURITY.COM — 26 Sep 2024

🌐

Inside SnipBot: The Latest RomCom Malware Variant

UNIT42.PALOALTONETWORKS.COM — 26 Sep 2024

🌐

RecordStealer: A Case Study in the Persistent Threat of Info-Stealing Malware

SECURITYONLINE.INFO — 26 Sep 2024

🌐

Cracked Software or Cyber Trap? The Rising Danger of AsyncRAT Malware

MCAFEE.COM — 26 Sep 2024

🌐

Inaugural World Tour 2024 Survey Findings

TRENDMICRO.COM — 26 Sep 2024

🎙️

Smashing Security podcast #386: The $230 million crypto handbag heist, and misinformation on social media

GRAHAMCLULEY.COM — 26 Sep 2024

🎙️

Transatlantic Cable podcast episode 364 | Kaspersky official blog

KASPERSKY.COM — 26 Sep 2024

📡

Sophos named a Leader in the 2024 IDC MarketScape for European MDR Services

SOPHOS.COM — 26 Sep 2024

📡

HPE Aruba Networking fixes critical flaws impacting Access Points

BLEEPINGCOMPUTER.COM — 26 Sep 2024

📡

The Tor Project merges with Tails, a Linux-based portable OS focused on privacy

TECHCRUNCH.COM — 26 Sep 2024

📡

Overloaded with SIEM Alerts? Discover Effective Strategies in This Expert-Led Webinar

THEHACKERNEWS.COM — 26 Sep 2024

📡

Fake WalletConnect app on Google Play steals Android users’ crypto

BLEEPINGCOMPUTER.COM — 26 Sep 2024

📡

Joint guidance on detecting and mitigating Active Directory compromises

CYBER.GC.CA — 2024-09-26

📡

When UK rail stations’ Wi-Fi was defaced by hackers the only casualty was the truth

BITDEFENDER.COM — 26 Sep 2024

📡

AI Meets SAST: Reimagining the Future of Static Analysis | Live Webinar

DATABREACHTODAY.CO.UK — 2024-09-26

📡

Hacker Plants False Memories In ChatGPT To Steal User Data In Perpetuity

PACKETSTORMSECURITY.COM — 26 Sep 2024

📡

Cisco Patches High Severity Vulnerabilities In IOS

PACKETSTORMSECURITY.COM — 26 Sep 2024

📡

China's Salt Typhoon Cyber Spies Are Deep Inside US ISPs

PACKETSTORMSECURITY.COM — 26 Sep 2024

📡

Tails OS merges with Tor Project for better privacy, security

BLEEPINGCOMPUTER.COM — 26 Sep 2024

📡

Kia dealer portal flaw could let attackers hack millions of cars

BLEEPINGCOMPUTER.COM — 26 Sep 2024